I have been tasked to find a solution for Encrypting data being transferred from an Oracle database in one state to a SQL database in another. We setup MDS and DQS and want to send the data directly from the oracle db to the sql db. Currently they are transferring the data to an excel file and encrypting it and sending it through email. Not having done anything with encryption for either database im not sure what I need to do. I do know that both programs can use TDE but not sure if that is the solution here. Ive been looking at Encryption appliances but will they actually encrypt your data for you along with creating the keys or do you have to encrypt the data and then send it to the Encryption appliance for the key and send it off through there?

Is the oracle database on unix or windows?Both sql server and oracle have their own TDE feature but that wont encrypt the comms point to point. Best way would be to use IPSec to secure the communication channel between the hosts.

We thought about this as part of the options but the connection would have to be permanently up and if data isnt getting sent all the time then the connection would have to be brought back up every time it dropped. we could use a ping to keep the talk going but im not sure this is the best solution since there will be too many moving parts. Unless you know a good way to make sure the vpn connection permanent?

How about just using Certificates? Are they trusted enough to make sure the information is encrypted over the WAN since the data being sent has PII? I'm trying to keep this solution as simple as possible but still trying to make it as safe as possible. Can you use Certificates going from an Oracle database to a SQL database? I believe the Oracle database resides on a Unix box.